Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4771
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) admin/accounts/, (2) admin/manage/, or (3) admin/manage/blocks/edit/; or (4) group parameter to admin/...
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
1 EDB exploit
NA
CVE-2012-4772
SQL injection vulnerability in register/ in Subrion CMS prior to 2.2.3 allows remote malicious users to execute arbitrary SQL commands via the plan_id parameter.
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
1 EDB exploit
NA
CVE-2012-4773
Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account ...
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
2 EDB exploits
4.8
CVSSv3
CVE-2021-43724
A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS up to and including 4.2.1 in the Create Page functionality of the admin Account via a SGV file.
Intelliants Subrion Cms
9.8
CVSSv3
CVE-2017-11444
Subrion CMS prior to 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.
Intelliants Subrion Cms
9.8
CVSSv3
CVE-2017-11445
Subrion CMS prior to 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.
Intelliants Subrion Cms
NA
CVE-2015-4129
SQL injection vulnerability in Subrion CMS prior to 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie.
Intelliants Subrion Cms
6.1
CVSSv3
CVE-2019-11406
Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2020-35437
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2023-43875
Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local malicious user to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail.
Intelliants Subrion Cms 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »